<?php
session_start();
header('Content-type: text/plain');
if (!isset($_SERVER['PATH_INFO']) || empty($_SERVER['PATH_INFO']) || $_SERVER['PATH_INFO'] == '/') {
    die('1 Invalid Path');
}

if (!$dev && !in_array($_SERVER['REMOTE_IP'], $allowed_ip)) {
    die('7 this IP does not have access to this service');
}

include_once 'Authz/Database.php';

$info = explode('/', $_SERVER['PATH_INFO']);
switch ($info[1]) {
    case 'getsalt' :
        $salt    = sha1(md5(mt_rand(1, 10000) . time()));
        $_SESSION['salt'] = $salt;
        die($salt);
        break;
    case 'sync' :
        if (!isset($_SESSION['salt'])) {
            die('0 Unknown session');
        }
        if (!isset($_POST['salt']) || $_POST['salt'] != $_SESSION['salt']) {
            die('2 Invalid Salt');
        }

        // package name (string)
        // maintainers (array)

        if (!isset($_POST['package'])
            || !isset($_POST['maintainers'])
            || (isset($_POST['maintainers']) && $_POST['maintainers'] <= 0)
        ) {
            die('5 Missing package or maintainers param');
        }

        try {
            $config = dirname(__FILE__).'/config.php';
            if (!file_exists($config)) {
                die('Config me');
            }

            include $config;
            $cls = new VersionControl_SVN_Authz_Database;
            $cls->setDb(null, $db_user, $db_pass);

            $package = $_POST['project'] . '_' . $_POST['package'];
            // addGroup checks if the group exists
            $res = $cls->addGroup($package);

            // add permissions to the package
            $res = $cls->addPermission($package, '/' . $package, 'rw');

            // get which people are in the group
            $plp = $cls->getUsersFromGroup($package);

            $remove = array_diff($plp, $_POST['maintainers']);
            $add    = array_diff($_POST['maintainers'], $plp);

            // add/remove people from the group
            foreach ($remove as $r) {
                if (!empty($r)){
                    $cls->removeUserFromGroup($r, $package);
                }
            }

            foreach ($add as $a) {
                if (!empty($a)){
                    // Check if the user exists
                    $c = $cls->getUser($a);
                    if (empty($c)) {
                        $cls->addUser($a, md5(''), false);
                    }
                    $cls->addUserToGroup($a, $package);
                }
            }

            $groups = $cls->getGroups();
            $perms  = $cls->getPermissions();

            require_once 'Authz.php';
            $content = VersionControl_SVN_Authz::generateAuthzFile($groups, $perms);
            file_put_contents($authzpath, $content);
        } catch (VersionControl_SVN_Authz_Database_Exception $e) {
            die('3 Database Error ' . $e->getMessage());
        }

        die('8 Sync Done');
        break;
    default:
        die('4 Wrong query param');
        break;
}